USING THE DNS/DHCP ADMINISTRATIVE INTERFACE
Last Updated: 2012-3-5
dnsadmin_guide_v6.pdf
Copyright © 2012 – University of Notre Dame ‐ Office of Information Technologies
TABLE OF CONTENTS
When is registration needed? What about the zoned network?
What about guests?
Explaining split horizon DNS
Accessing the DNS/DHCP administrative interface
The home screen
Static host entries vs. roaming host entries
Creating a roaming host entry
Creating a static host entry with static DHCP
Using search
WHEN IS REGISTRATION NEEDED? WHAT ABOUT THE ZONED NETWORK?
The University of Notre Dame’s network infrastructure is undergoing many changes to improve both the security and reliability of its network services. During this transitional period, there will be slight differences in the user experience between the various networks. This transitional period is required in order to ensure the availability of legacy networks and services while OIT deploys the Zoned Network project and finalizes the ND‐secure and ND‐guest wireless networks.
When connecting a new device to a legacy network (Nomad or legacy wired connections), users will continue to experience a mandatory registration process. This will provision their device for use on all legacy networks, but will not register a hostname for it (i.e. yourmachine.campus.nd.edu). Users connecting to the new networks (ND‐secure, ND‐guest, or Wired Zoned networks) will authenticate to the network in order to gain access. Authentication will occur via various methods, including captive portal, 802.1X, and the Cisco Clean Access agent. Users on these networks will also not automatically be given a hostname.
Once a user has connected to one of the available campus networks, they can choose to request a hostname for their device. Users desiring a hostname for their machine can self‐register a hostname via https://webreg.nd.edu or by contacting their department IT staff or the OIT Help Desk at 574.631.8111 or [email protected].
| Network | Registration Required | Registration Optional | Authentication Required |
|---|---|---|---|
| ND‐secure | | X | X (via 802.1X) |
| ND‐guest | | X | X (via web page or Cisco Clean Access Agent) |
| Nomad | X | | |
| Wired Zoned Networks | | X | X (via web page or Cisco Clean Access Agent) |
| Legacy Wired Networks | X | | |
WHAT ABOUT GUESTS?
Guests should use the ND‐guest network with an account authorized and created by an active faculty, staff, or student. Guests do not need to register their computers/devices or have static hostnames or IP addresses.
Accounts can be created at https://guestaccess.nd.edu.
You can find complete details about guest access at http://oit.nd.edu/guest.
EXPLAINING SPLIT HORIZON DNS
The Office of Information Technology is replacing its legacy DNS and DHCP infrastructure with an appliance‐based solution. The new infrastructure will provide the University’s networks with greater reliability and security, as well as resiliency with regard to disaster recovery. The new design will incorporate many industry best practices, including an important methodology called “Split‐Horizon DNS”. Split Horizon DNS allows for the separation of DNS information based on the user requesting the information. In the case of a University, the DNS information available to the users on campus will be on separate hardware and contain separate information from the DNS information available to the Internet. This technology allows the University to properly protect its internal resources, while also providing the flexibility to deliver a service differently depending on a user’s location or affiliation. For more information regarding Split‐Horizon DNS, please refer to http://en.wikipedia.org/wiki/Split‐horizon_DNS or contact OIT Network Engineering.
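The following Python sketch is an added example, not part of the original guide or of Infoblox. It models split horizon as two record sets named after the guide's “ND Campus” and “ND External” views, selects a view by the client's source address, and audits the external view for data that should stay internal. The hostnames, addresses, the 10.0.0.0/8 range and selection by source address are assumptions made for the example.

```python
import ipaddress

# Source networks answered from the campus view. 129.74.0.0/16 is the network
# container shown in this guide; 10.0.0.0/8 is an assumed private range.
CAMPUS_NETS = [ipaddress.ip_network(n) for n in ("129.74.0.0/16", "10.0.0.0/8")]

# Constructed sample records. View names follow the guide; hostnames and
# addresses are invented for illustration.
VIEWS = {
    "ND Campus": {
        "www.cc.nd.edu": "129.74.34.10",
        "files.cc.nd.edu": "10.20.30.40",
        "printer.cc.nd.edu": "10.20.30.41",
    },
    "ND External": {
        "www.cc.nd.edu": "129.74.34.10",
        "files.cc.nd.edu": "10.20.30.40",   # mistake: private address published
        "events.cc.nd.edu": "129.74.34.20",  # mistake: never added on campus
    },
}

def select_view(client_ip):
    """Pick the view from the source address of the query."""
    addr = ipaddress.ip_address(client_ip)
    on_campus = any(addr in net for net in CAMPUS_NETS)
    return "ND Campus" if on_campus else "ND External"

def resolve(name, client_ip, views=VIEWS):
    """Return the address this client would receive, or None when the name
    does not exist in the view that serves the client."""
    return views[select_view(client_ip)].get(name.lower().rstrip("."))

def audit_external(views=VIEWS):
    """List external-view records that need review: a private address
    exposed to the Internet, or a name that campus users cannot resolve."""
    findings = []
    campus, external = views["ND Campus"], views["ND External"]
    for name, addr in sorted(external.items()):
        if ipaddress.ip_address(addr).is_private:
            findings.append((name, addr, "private address in external view"))
        elif name not in campus:
            findings.append((name, addr, "name missing from campus view"))
    return findings

if __name__ == "__main__":
    for client in ("129.74.34.77", "203.0.113.9"):
        print(client, select_view(client), resolve("printer.cc.nd.edu", client))
    for finding in audit_external():
        print("REVIEW:", *finding)
```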
ACCESSING THE DNS/DHCP ADMINISTRATIVE INTERFACE
1. In a web browser, visit https://dnsadmin.nd.edu to access the DNS/DHCP production environment. The current version of Infoblox Grid Manager is a web‐based user interface that replaces the previous Java‐client‐based user interface.
2. Enter your NetID and password to log in to Grid Manager.
3. Upon successfully logging in, you will be presented with the Home screen of the DNS/DHCP administrative interface.
Note:
JavaScript must be enabled in your browser for Grid Manager to function properly.
On Windows 7, Grid Manager supports IE 8.x, Firefox 3.6.x and 4.x, Chrome 7.x and 10.x. On Red Hat Enterprise Linux 6.x, Grid Manager supports Firefox 3.6.x and 4.x, Chrome 7.x and 10.x. On Mac OS 10.6.x, Grid Manager supports Safari 5.x, Firefox 3.6.x and 4.x, Chrome 10.x. For updated support information, please read “Infoblox NIOS Administrator Guide” (Page 19).
Infoblox strongly recommends that you do not log in to Grid Manager from different browser windows using the same user account. Depending on the browser you use, it may cache user information in one session and apply it to another session. This can cause inconsistent behaviors within the browser sessions.
THE HOME SCREEN
1. A typical layout of Grid Manager Interface is shown here. It identifies common elements of the interface and features that you can use.
2. Starting with version 6.3.x, the “Tasks Dashboard” is your home page on Grid Manager. It provides easy access to several commonly performed tasks.
3. “Status Dashboard” provides access to the status of your Grid and networks.
4. The “Dashboard” provides various widgets for viewing and managing data. You can select the widgets that you need and configure them to provide relevant data. You may click “Add Content”, select and drag a widget to the desired location on your “Dashboard”. You can also move a widget, by selecting and dragging it to its new location on your “Dashboard”. Grid Manager saves your “Dashboard” configuration and displays it the next time you log in. For example, the “Grid Status” widget provides status information about the Grid members and services. You may want to configure “My Commands” widget to add a few frequently‐used commands to the widget. Note that you must have at least read‐only permission to the objects that a widget displays. Otherwise, though you are allowed to select and place the widget on the “Dashboard”, it does not display any information.
5. “Data Management” tab provides navigation access point to view and manage IPAM (IP Address Management), DHCP, and
4. You can also see “Finder Panel”, “Toolbar Panel”, and “Help Panel” on Grid Manager interface.
“Finder Panel” provides tools of “Smart Folders”, “Bookmarks”, “Recycle Bin”, and “URL Links”.
“Toolbar Panel” provides easy access to commands.
“Help Panel” provides “Help” information about the window currently displayed, “Documentation” about latest version of Infoblox Administrator Guide, “Support” to Infoblox web site, and “About” to view the NIOS software version.
5. One useful tool in “Finder panel” is to create and use “Smart Folders” to organize your core network services data.
See basic steps in the graph shown above. The important step is to choose proper filter to organize the data you need to manage. Each smart folder you create can contain up to 2,000 objects. When the number of objects exceeds 2,000, Grid Manager sorts and displays the first 2,000 objects only. It also displays a warning message at the top of the panel. In this case, you may want to redefine your filter criteria to further refine the filtered data in your smart folders.
6. You may use “Bookmarks” for easy retrieval of your data. Suppose you manage the DNS zone “cc.nd.edu”. To access the data of “cc.nd.edu”, do the following: click the “Data Management” tab ‐> click the “DNS” tab ‐> choose the “ND Campus” view in the selection field in the upper left corner ‐> click “ND Campus” under “Zone” and “DNS View” ‐> find the “nd.edu” zone and click on it ‐> click on “Subzones” (in the lower left corner of the “Workspace”) ‐> find the “cc.nd.edu” zone and click on it ‐> click on “Records” and you will have access to the records in “cc.nd.edu”. If you click on the “Bookmark” icon, the “ND Campus‐>cc.nd.edu” object will be saved in “Bookmarks” under the “Finder Panel”. You can create up to 500 bookmarks.
STATIC HOST ENTRIES VS. ROAMING HOST ENTRIES
Static host entry – is an entry in DNS that maps a Fully Qualified Domain Name (FQDN) (hostname.domain.nd.edu) to an IP address for a given device. This is commonly needed when a device requires a specific IP address to be accessed by other devices in a given network such as a file server or web server.
Roaming host entry – is an entry in DHCP that maps a given FQDN to a MAC address (00:11:22:33:44:55). This is commonly needed when a device requires a specific hostname to be accessed by other devices in a given network, but will be continuously changing IP addresses. A roaming host entry is also commonly referred to as a “Static Name.” Registering a roaming host entry will ensure that a FQDN will correspond to a unique device regardless of its network or IP address. This is the type of entry most devices at Notre Dame use.
CREATING A ROAMING HOST ENTRY
This is the type of entry most devices at Notre Dame use.
1. With Grid Manager open, from the “Data Management” tab, select the “DHCP” tab and click the “Networks” tab ‐> “Roaming Hosts”. Then click on the “+” (Add) icon to add a new roaming host.
2. Select “Add Roaming Host” on the dialog box, and click the “Next” button.
3. On the next dialog box, enter in the specific FQDN for the roaming host entry in the Roaming Host “Name” field. In the “MAC Address” field, enter in the corresponding MAC address.
4. On the next dialog box, click the “Override” button in the “Domain Name” row. Enter just your domain (e.g., cc.nd.edu – NOT THE FQDN) in the “Domain Name” field.
5. In the “Extensible Attributes” dialog box, fill in the NetID for both the “Admin” and “User” attributes. These are required fields and must be entered. Also, enter the FQDN in the “Host” field. Then click the “Save & Close” button.
6. To ensure dynamic DNS for your roaming host, go back to the list of “Roaming Host” and find the entry you just created. Then click on “Edit” icon.
7. On the “Roaming Host” dialog box, toggle to “Advanced Mode”, then click on “IPv4 DHCP Options” tab.
8. In the “Custom DHCP Options” field of “IPv4 DHCP Options” dialog box, choose “host-name (12) string” option, and enter the host name of the roaming host. This field is necessary for correct DDNS configuration.
9. Then click on “IPv4 DDNS” tab. On the next dialog box, click “Override” button to “DDNS Updates” and check “Enable DDNS Updates” checkbox. Then click “Override” button to “DDNS Domain Name” and enter in the DDNS domain name. Click “Save & Close” button.
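The fields entered in steps 3 to 9 must agree with each other, and the usual mistakes are an FQDN typed into “Domain Name” or a missing NetID attribute. The Python check below is an added example, not part of the original guide or of Infoblox: the dictionary keys are hypothetical names that mirror the dialog fields, and the sample host and NetIDs are constructed.

```python
import re

MAC_RE = re.compile(r"^(?:[0-9a-f]{2}:){5}[0-9a-f]{2}$", re.IGNORECASE)
ZERO_MAC = "00:00:00:00:00:00"  # the guide uses this only to reserve a static IP

def check_roaming_host(entry):
    """Return a list of problems in a planned roaming host entry.

    `entry` is a hypothetical dict mirroring the dialog fields in the steps
    above; it is not an Infoblox data structure.
    """
    problems = []
    name = entry.get("name", "").lower().rstrip(".")
    domain = entry.get("domain_name", "").lower().rstrip(".")
    mac = entry.get("mac", "")
    attrs = entry.get("attributes", {})
    option12 = entry.get("host_name_option", "").lower()

    if not MAC_RE.match(mac):
        problems.append("mac: expected the form 00:11:22:33:44:55")
    elif mac == ZERO_MAC:
        problems.append("mac: all-zero placeholder cannot identify a roaming device")

    if not domain:
        problems.append("domain_name: override is empty")
    elif domain == name:
        problems.append("domain_name: holds the FQDN, enter only the domain")
    elif not name.endswith("." + domain):
        problems.append("name: FQDN is not inside domain_name")

    for key in ("Admin", "User"):
        if not attrs.get(key):
            problems.append(f"attributes.{key}: NetID is required")
    if attrs.get("Host", "").lower().rstrip(".") != name:
        problems.append("attributes.Host: must equal the FQDN")

    # Accepts either the short label or the full name in option 12.
    if not option12 or not (name == option12 or name.startswith(option12 + ".")):
        problems.append("host_name_option: option 12 does not match the host")
    if not entry.get("ddns_enabled") or not entry.get("ddns_domain"):
        problems.append("ddns: updates must be enabled with a DDNS domain name")
    return problems

# Constructed sample entries.
GOOD = {
    "name": "lab7.cc.nd.edu", "mac": "00:11:22:33:44:55",
    "domain_name": "cc.nd.edu",
    "attributes": {"Admin": "netid1", "User": "netid2", "Host": "lab7.cc.nd.edu"},
    "host_name_option": "lab7", "ddns_enabled": True, "ddns_domain": "cc.nd.edu",
}
BAD = dict(GOOD, domain_name="lab7.cc.nd.edu", mac=ZERO_MAC,
           attributes={"Admin": "netid1", "Host": "lab7.cc.nd.edu"})

if __name__ == "__main__":
    for label, entry in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, check_roaming_host(entry) or "ok")
```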
CREATING A STATIC HOST ENTRY WITH STATIC DHCP
1. There are two ways to find an available IP address to assign to a static host entry. The first is to start with IPAM. For example, suppose you need to find an available IP address in the 129.74.34.0/24 network. You can start from the “Data Management” tab ‐> “IPAM” ‐> “ND Campus” view, and click on the network container of 129.74.0.0/16.
2. Then, view the “List” of 129.74.34.0/24 network. From the list of all IP address usage, you can pick and choose one “Unused” IP address for your new host entry.
3. After you select an IP address, click on “+” (Add) ‐> “Host Record”.
4. The first step to “Add Host Record” is to click on “Select Zone” button.
5. In “Zone Selector” dialog box, enter the zone name, i.e. domain name, and click on “Go” button. Then click on “OK” button.
6. When you are back to “Add Host Record” dialog box, enter the specific hostname for the static host entry in the “Name” field. Then in the “MAC Address” field, enter the device’s corresponding MAC address. If you need to reserve the static IP address in DHCP service and to set dynamic DNS, check “DHCP” checkbox and select the row, and click on “Edit” icon to edit DHCP options.
If the MAC address is not known, the device must be hard‐coded with its IP address since DHCP will not function for that device. If the IP address to be assigned is inside a DHCP range, you need to enter the MAC address as “00:00:00:00:00:00” to reserve the IP address. The DHCP server will not hand out an IP address associated with the all‐zeros MAC address as a DHCP lease.
7. Let us return to the scenario that you check “DHCP” checkbox and edit DHCP options. The options for DDNS are “Domain Name” and “host‐name”. After entering those fields, click on “Save & Close” button.
8. Now we return to “Add Host Record” dialog box. Click on “Next” button.
9. The next step in “Add Host Record” dialog box is to enter Extensible Attributes of “Admin”, “Host”, and “User”. Then click on “Save & Close” button.
10. Alternatively, you can start with “Data Management” ‐> “DNS” until you reach the appropriate subdomain, i.e. subzone, to which you would like to add a static host entry. Then select “+” (Add) ‐> “Host” ‐> “Host Record”.
11. In “Host Record” dialog box, you may choose “Add Address” if you know what static IP address will be assigned for your host entry, or you can choose “Next Available IP Address” to find an unused IP address for your host entry. The remaining steps are similar to steps 4‐9 above.
12. If an alias is required for the static host entry, find the host record, and click on “Edit” icon.
13. In the “Host Record” edit dialog box, click on “Aliases” button, click on “+” (Add) icon, enter in the corresponding alias for the static host entry, and click on “Save & Close” button.
14. If you would like this record viewable from off‐campus, then you will also need to publish the record in the “ND External” view. Select “ND External” view, and repeat the same steps to add the static host entry. Please note that there is no DHCP for “ND External” view.
USING SEARCH
1. With Grid Manager open, click on the “Global Search” icon on the far right of the toolbar. In the “Search” dialog box, you can enter any information you currently know about an entry, including: MAC address, hostname, domain name, IP address, comment fields, User/Admin entries. You may also choose a filter rule by selecting a “Type”, operator, and attribute value to speed up the search. Optionally, click the “+” icon to add another rule. You can add up to 10 filter rules.
2. From search results, you may select the entry, and click the “Edit” icon to modify the existing entry, or click “Delete” icon to delete the existing entry.
At any point when you use Grid Manager Interface, you may click “Help Panel” ‐> “Help” to view information about the window displayed. For complete information about Grid Manager Interface, please read “Infoblox NIOS Administrator Guide” from “Help Panel” ‐> “Documentation”.
APPENDIX A: TEMPORARY NETWORK REGISTRATION WHILE ZONED NETWORK IS ROLLED OUT TO CAMPUS
While the zoned network is rolled out to campus, users who are not yet on the zoned network will be required to register their computers as they have in the past.
Please note: registration is ONLY REQUIRED if the computer or device is not on the zoned network or if a device is on the Nomad wireless network. Computers and devices on ND‐secure and ND‐guest wireless networks do not need to register.
To register, users will need to launch a web browser, and they will be automatically redirected to the network registration site.
After clicking Register, they will be shown a confirmation page. They must close and restart their browser, and then they can continue using the Internet as they normally would.